Primary File, Inc.: The Zappos Data Crisis

Hanson, A., Kenney, K., and O’Rourke, J. S. (Editor)
February 2, 2018
North America
Strategy & General Management, Information Systems
17 pages
hacking, security breach, data stored online, lawsuit, brand equity
Student Price: 
$4.00 (€3.69)
Average rating: 

On January 15, 2012, Zappos, an Amazon subsidiary, was the victim of a purposeful hacking attack. CEO Tony Hsieh sent out a tweet, alerting customers that the systems had been penetrated and directing them to a letter with incident details and recommended customer actions. Given that security breaches have become an increasing concern due to the amount of data stored online, the public immediately criticized Zappos, and a class action lawsuit was filed. Tony Hsieh, and parent company CEO, Jeff Bezos, must decide if any additional payment is due to customers and how to retain brand equity and customer security going forward.

Learning Outcomes: 
  1. To provide an example of how an organization’s corporate communication strategy following an incident can cause as much damage as the incident itself.
  2. To demonstrate the inherent ambiguity for an industry within an unregulated environment and examine how necessary it is to be proactive.
  3. To illustrate the significant responsibility of an industry leader to protect both its own reputation as well as the reputation of its broader industry.
  4. To demonstrate the tension between a parent organization and its subsidiaries during a time of crisis.